LA hospital pays hackers $17,000 ransom (not $3.7 million) to reclaim computer network

LA hospital pays hackers $17,000 ransom (not $3.7 million) to reclaim computer network

February 17, 2016
Health IT Risk Management
Courtesy: Hollywood
Presbyterian Medical Center
By: Thomas Dworetzky and Gus Iversen

Newsflash for hospital administrators: A cyberattack, like the one that just hit Hollywood Presbyterian Medical Center, might just put the "paper" back into your health care paperwork — and it may set you back at least a few grand to resolve.

Staff at the Los Angeles facility first spotted "significant IT issues and declared an internal emergency" last Friday. The ransomware attack shut down computers on February 5 and forced staff to resort to overworked fax lines and old-fashioned paper "charts" according to reports.

It was widely stated that the blackmailers demanded 9,000 bitcoins, or about $3.7 million dollars, for the keys to unlock the system, but a new statement from the hospital asserts that the ransom was considerably lower — and has been paid.

Servicing GE/Siemens Nuclear Medicine equipment with OEM trained engineers

Numed, a well established company in business since 1975 provides a wide range of service options including time & material service, PM only contracts, full service contracts, labor only contracts & system relocation. Call 800 96 Numed for more info.



"The reports of the hospital paying 9000 Bitcoins or $3.4 million are false. The amount of ransom requested was 40 Bitcoins, equivalent to approximately $17,000," Hollywood Presbyterian wrote in a statement on Wednesday. "The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this."

For now, the $17,000 appears to have resolved the problem, but the implications for other susceptible health care facilities remain significant.

“Things are kind of slow,” vocational nurse Tina Bordas, a representative of the facilities nurses, told The Guardian during the technology blackout. But she added that some "old-school" staffers actually prefer paper.

“It takes less time to write something on paper than put it in the computer,” said the 27-year-veteran nurse. “A computer screen isn’t that friendly and as a nurse, there are certain things that you want to document that might not fit into a computer form.”

CEO Stefanek didn't think the hospital had been specifically targeted, telling NBC that "it was clearly not a malicious attack,” and added that he thought "it was a random attack.”

Experts suggest, however, that health care institutions are particularly juicy targets for ransom-driven hackers. "The expanding number of access points to Protected Health Information (PHI) and other sensitive data via electronic medical records and the growing popularity of wearable technology makes the health care industry a vulnerable and attractive target for cybercriminals.

You Must Be Logged In To Post A Comment